Website Security Checklist – 9 Simple Points
Website security is of the utmost importance to your business.
April 8, 2021
Disclosure/Disclaimer: This post/page may contain affiliate links. I may earn commissions if you click on the links and make a purchase. This is at no additional cost to you. All opinions remain my own. For more information click here.
Hackers are a serious threat! Don’t I know! Thank goodness my business website has not been hacked (knock on wood!), but when I was at my government job our whole network system experienced a Ransom Cyber Attack. And it was BAD!!
We were down for more than 2 months and it took a few more months to completely recover. It all started with an unsuspecting employee opening an email “xlsm” file with a destructive virus. What a NIGHTMARE!
Guess what? Hackers have been trying to hack your site today. More than likely, they tried to hack your site several times today. Obviously, you cannot afford to have this happen. I am going to share with you 9 simple ways to help keep your site secure.
First And Foremost, You Want To Choose Your Host Wisely.
I highly recommend Bluehost or Siteground. Why?
- Awesome Customer Service – time is of the essence when your site has crashed.
- Free SSL – best indicator for visitors of a secure website
- 24/7 Monitoring and Updating of Network Servers
Second, You Want To Choose A Premium Theme.
Although you may not want to spend the money, this is where you should invest in your business as soon as you can. You DO NOT want a Free Theme. You get what you pay for! Free themes are not coded well, not updated as needed, and not as functional as a Premium Theme.
Let’s be real, Free Themes are not money makers so the coding is not up to par. Because everyone eventually purchases a Premium Theme, it’s easier to do it sooner rather than later and having to go through the hassle of transfering all your content. Do yourself a favor and invest in a quality theme.
My theme of choice is Divi by Elegant Themes. Divi offers a library of over 200 layouts to choose from, but I personally like to build my own. Either way, you can create a beautiful and professional looking website.
Other great places to purchase premium themes are Bluchic, CyberChimps, and Themeforest.
Re-Evaluate Your Username And Password
Securing an effective Username and Password is so often overlooked for the sake of convenience.
When setting up your website, the default Username is Admin or something similar. The first thing you should do is change that immediately. Other Usernames you should NEVER use are:
- Your name, your child’s name, your dog’s name – get the picture?
- The name of your site
- Your email address
Since hackers are testing your site 24/7 (they are up around the clock and from all over the world) and the Username is half of the puzzle to access it, why would you hand them that on a silver platter? Instead, choose something out of the ordinary that you can remember – B@dA$$-Bl0gger or even better I@@Ab19!83 (the first letter of each word in the phrase I am an awesome blogger with a significant year to remember and a symbol in between).
I know. I know. WordPress tells you that you cannot change your username. I can change it for you for FREE in just a few minutes. Shoot me an email at hello@uptowndowntowngal and put Change Username in the subject line. I will get back with you shortly.
Your Password should be even harder to figure out! Once again NEVER use your child’s name, your pet’s name, a family nickname, or anything easily guessed. Use the same example as the Password. Make it hard to hack, but easy to remember.
You should consider changing your password often for extra security.
Keep Your User Info Up To Date
Although you may trust people, it is always better to be on the safe side. You should delete users as soon as you know they no longer need an account. Monthly or quarterly audits should also be done to keep this information up to date.
Install A Highly Rated Security Plugin
A plugin is software that allows additional function on your site without having to create or insert code yourself. Security Plugins reduce risk by checking for vulnerabilities, preventing certain addresses from accessing your account, blocking countries that are known for a lot of hacking, and alerting you of bot activity and multiple login attempts.
If you have a new site with not much activity, you can probably get away with one of the free security plugins. I have had great experience with WordFence. You can also check out All In One WP Security that some of my colleagues say is pretty good too.
After you’ve had your site for a while, added quite a bit of content, and are making money, you will want to upgrade to a premium security package. WordFence Premium Security and Securi Scanner are both great options and fairly easy to install.
Because the security of your site is very important, do your research and choose the premium plan that best suits your needs. A couple hundred dollars spent now on security is money put to good use. I guarantee you do not want to find out what it costs to clean a hacked site, on top of the revenue you will lose while your site is down.
Backup! Backup! Backup! What Was That?? BACKUP Your Site Regularly!
Always have a backup. Many hosting companies do backups, but, more than likely, you need more than they provide. For that reason, I purchased a premium package that includes regular backups. And, just for my own piece of mind, I use the FREE version of UpdraftPlus. I figure it’s better to be safe, than sorry.
Keep Your Site Updated
Make certain you have the most current version for your hosting, theme, and plugins. If possible, go to your settings and enable automatic updating. Do not ignore notifications for updates; it may be an update fix for a security issue.
Keep Your Site Free Of Spam
Remove all spam comments. I use the Akismet FREE plugin to catch most of them. I also set all comments to be approved prior to being made public. This way I can get rid of all spam and inappropriate junk immediately.
Remove All Unused Plugins, Themes, And Anything You Are Not Currently Using.
Developers sometimes abandon an old plugin. These are a hackers dream and can be used as a backdoor to access your site. If a plugin has not been updated in many months, beware, you DO NOT want it on your site! WordFence alerts you of potentially abandoned plugins.Always remove unwanted junk themes that WordPress puts on your site automatically. Another backdoor for hackers. You have no use for them and they have no business being there taking up valuable space.
Now is a good time to PIN this post, so you can refer back to it at any time. Choose your Pin Image below.
In Conclusion
Everyone thinks it won't happen to them, until it does! You may not think it's worth the effort, but I personally feel it is better to be safe than sorry. Make the extra effort to keep your site protected.
Let me know how these tips work for you in the comment section below.
I invite you to follow me on Facebook and Pinterest. If you find this information useful, please share with your family and friends.
Your Girlfriend,
31 Comments
Submit a Comment
This site uses Akismet to reduce spam. Learn how your comment data is processed.
Marinated Corn Salad
Quick, no-cook, and colorful! This Marinated Corn Salad is packed with a burst of flavor. The perfect side for your summer BBQ menu.
Easy Peasy Homemade Chili
Hot Chines Chicken Salad combines two family favorites: creamy chicken salad and a comforting casserole! It is so versatile it would be delicious served for brunch, lunch, or dinner!
Hot Chinese Chicken Salad
Hot Chines Chicken Salad combines two family favorites: creamy chicken salad and a comforting casserole! It is so versatile it would be delicious served for brunch, lunch, or dinner!
Spicy Tuna Sushi Stack
Spicy Tuna Sushi made simple! Fun to make, exploding with flavor, and guaranteed to impress! Great for lunch or dinner.
Whistling Pig Hotdog Chili
A landmark teenage drive-in in Georgetown, SC. Although the Whistling Pig is no more, their Hotdog Chili will live on forever!
These are great tips! Did you notice any benefits when you moved to a premium theme like an increase in site visitors, SEO rank, etc? I am still debating whether it is worth the effort to make the upgrade. Thanks!
Hi Darla, I actually purchased my premium theme prior to launching my site. I found I needed more functionality than the free theme offered.
Great tips for security! I have seen wordfence work against many attacks on my site, which makes me grateful I installed it right away!
I think that establishing strong site security is something that beginning bloggers push onto the back burner because there are so many spinning plates to keep in the air. This is a great reminder of how all those plates can come crashing down due to that oversight!
Thank you for all of these tips regarding blog security! I have implemented a few of them, but I need to look into using UpDraft Plus. I'm going to save this post and review it quarterly to make sure my blog is secure!
Hacking is so scary! Thanks for the awesome tips on here.
This is a great post! So much important information!
Great info!! So long hackers!
I have a service so that ends that. I was hacked once and I will never let it happen again.
Bookmarking this for future reference!
I think website security is a foreign issue to so many of us.
I had no idea free themes were not coded well. I changed mine once at a huge fee so I cannot change it again. So far, no problems and I have been very happy with my Sinatra theme.
Great advice. I pinned it!
Great advice! I will start looking to upgrade my free theme now!
Thank you! I just went and changed my password
Good idea!
Great tips! I was considering DiVi too. Is it quick?
I love Divi. It has been great. Customer service is AWESOME! Yes it's quick, but I think that is more of a host issue along with other factors.
These are great suggestions! Security is something we sometimes don't think about until it is too late. I'm going to reexamine my passwords as well!
Great tips for website security.
This is great advice. I agree with you on BlueHost. Their customer service is awesome. I also use WordFence and UpDraft.
Security is so important! Thank you for some insights
I needed this. GREAT post!
Excellent advice! Thank you for sharing.
These are great suggestions! It's always one of my fears! Better to be protected and smart!
Great suggestions! With the amount of time and effort it takes to create and run a blog, I would hate to lose it all to hackers!
Great suggestions! Removing unwanted plug-ins really helped speed up the site for me.
Excellent checklist! I want to change my theme but I'm so scared to do it for fear I'll mess something up!
I'm so terrible at doing my backups regularly. Thanks for the reminder!
Ooh these are great tips. Really smart about using a username that isn't related to your name/email etc.
Some of those spam comments crack me up. I definitely agree that having comment moderation is super helpful, otherwise who knows what comments will be up on your posts for others to see 😹
I use UpdraftPlus and Wordfence as well. Definitely important to have security for our sites!